Skip to main content

Apple

8071 CVEs vendor

Monthly

CVE-2022-22597 HIGH This Week

A memory corruption issue was addressed with improved validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Apple Mac Os X +1
NVD
CVSS 3.1
7.8
EPSS
1.2%
CVE-2022-22596 HIGH This Week

A memory corruption issue was addressed with improved validation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Apple Ipados +2
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-22594 MEDIUM This Month

A cross-origin issue in the IndexDB API was addressed with improved input validation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Safari Ipados Iphone Os +3
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2022-22593 HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Apple Ipados Iphone Os +4
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2022-22592 MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Safari Iphone Ipados +3
NVD
CVSS 3.1
6.5
EPSS
1.5%
CVE-2022-22591 HIGH This Week

A memory corruption issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Apple macOS
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-22590 HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Apple Use After Free Denial Of Service +7
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2022-22589 MEDIUM This Month

A validation issue was addressed with improved input sanitization. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Safari Ipados Iphone Os +4
NVD
CVSS 3.1
6.1
EPSS
2.0%
CVE-2022-22588 MEDIUM This Month

A resource exhaustion issue was addressed with improved input validation. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Apple Ipados Iphone Os
NVD
CVSS 3.1
5.5
EPSS
9.4%
CVE-2022-22587 CRITICAL KEV THREAT Act Now

A memory corruption issue was addressed with improved input validation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Apple Ipados +2
NVD
CVSS 3.1
9.8
EPSS
11.6%
CVE-2022-22586 CRITICAL Act Now

An out-of-bounds write issue was addressed with improved bounds checking. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Apple macOS
NVD
CVSS 3.1
9.8
EPSS
1.9%
CVE-2022-22585 HIGH This Week

An issue existed within the path validation logic for symlinks. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os macOS +2
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2022-22584 HIGH This Week

A memory corruption issue was addressed with improved validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Apple Ipados +4
NVD
CVSS 3.1
7.8
EPSS
1.5%
CVE-2022-22583 MEDIUM This Month

A permissions issue was addressed with improved validation. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X macOS
NVD
CVSS 3.1
5.5
EPSS
1.6%
CVE-2022-22579 HIGH This Week

An information disclosure issue was addressed with improved state management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Information Disclosure Ipados Iphone Os +3
NVD
CVSS 3.1
7.8
EPSS
1.7%
CVE-2022-22578 HIGH This Week

A logic issue was addressed with improved validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os macOS +2
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2022-27225 MEDIUM This Month

Gradle Enterprise before 2021.4.3 relies on cleartext data transmission in some situations. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Enterprise
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2022-23625 MEDIUM PATCH This Month

Wire-ios is a messaging application using the wire protocol on apple's ios platform. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Apple Wire Wire Ios Transport
NVD GitHub
CVSS 3.1
6.5
EPSS
1.2%
CVE-2022-25294 HIGH This Week

Proofpoint Insider Threat Management Agent for Windows relies on an inherently dangerous function that could enable an unprivileged local Windows user to run arbitrary code with SYSTEM privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Microsoft Apple Insider Threat Management
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-0904 MEDIUM This Month

A stack overflow bug in the document extractor in Mattermost Server in versions up to and including 6.3.2 allows an attacker to crash the server via submitting a maliciously crafted Apple Pages. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption Mattermost Buffer Overflow Apple Mattermost Server
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2022-24753 Go HIGH PATCH This Week

Stripe CLI is a command-line tool for the Stripe eCommerce platform. Rated high severity (CVSS 7.0). This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

RCE Microsoft Command Injection Apple Stripe Cli
NVD GitHub
CVSS 3.1
7.0
EPSS
0.3%
CVE-2022-24465 LOW Monitor

Microsoft Intune Portal for iOS Security Feature Bypass Vulnerability. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Microsoft Apple Intune Company Portal
NVD
CVSS 3.1
3.3
EPSS
0.7%
CVE-2022-23849 MEDIUM This Month

The biometric lock in Devolutions Password Hub for iOS before 2021.3.4 allows attackers to access the application because of authentication bypass. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Apple Password Hub
NVD
CVSS 3.1
6.6
EPSS
0.2%
CVE-2022-25366 HIGH This Week

Cryptomator through 1.6.5 allows DYLIB injection because, although it has the flag 0x1000 for Hardened Runtime, it has the com.apple.security.cs.disable-library-validation and. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Code Injection Apple Cryptomator
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-24370 MEDIUM PATCH This Month

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader Foxit reader 11.0.1.0719 macOS. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

RCE Buffer Overflow Apple Information Disclosure Pdf Editor +1
NVD
CVSS 3.1
6.5
EPSS
1.9%
CVE-2022-24356 HIGH PATCH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader Foxit reader 11.0.1.0719 macOS. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

RCE Buffer Overflow Apple Information Disclosure Pdf Editor +1
NVD
CVSS 3.1
8.8
EPSS
2.3%
CVE-2021-20172 HIGH POC This Week

All known versions of the Netgear Genie Installer for macOS contain a local privilege escalation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Netgear Apple Privilege Escalation Genie Installer
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-45818 MEDIUM POC This Month

SAFARI Montage 8.7.32 is affected by a CRLF injection vulnerability which can lead to HTTP response splitting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Apple Code Injection Safari Montage
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2021-45425 MEDIUM POC This Month

Reflected Cross Site Scripting (XSS) in SAFARI Montage versions 8.3 and 8.5 allows remote attackers to execute JavaScript codes. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Apple XSS Safari Montage
NVD Exploit-DB
CVSS 3.1
6.1
EPSS
3.4%
CVE-2021-30767 MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os Mac Os X +2
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-3179 MEDIUM This Month

GGLocker iOS application, contains an insecure data storage of the password hash value which results in an authentication bypass. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Apple Authentication Bypass Gglocker
NVD GitHub
CVSS 3.1
5.5
EPSS
0.4%
CVE-2021-34425 MEDIUM This Month

The Zoom Client for Meetings before version 5.7.3 (for Android, iOS, Linux, macOS, and Windows) contain a server side request forgery vulnerability in the chat\'s "link preview" functionality. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Apple Microsoft SSRF Meetings
NVD
CVSS 3.1
6.1
EPSS
0.9%
CVE-2021-34800 HIGH PATCH This Week

Sensitive information could be logged. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Apple Microsoft Information Disclosure Agent
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-34424 HIGH This Week

A vulnerability was discovered in the Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.8.4, Zoom Client for Meetings for Blackberry (for Android and iOS) before. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Google HP Apple Microsoft +30
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2021-34423 CRITICAL Act Now

A buffer overflow vulnerability was discovered in Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.8.4, Zoom Client for Meetings for Blackberry (for Android and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Google RCE HP Apple +31
NVD
CVSS 3.1
9.8
EPSS
3.2%
CVE-2021-43220 LOW PATCH Monitor

Microsoft Edge for iOS Spoofing Vulnerability. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required.

Apple Microsoft Authentication Bypass Edge Ios
NVD
CVSS 3.1
3.1
EPSS
1.1%
CVE-2021-40831 LIB HIGH PATCH This Week

The AWS IoT Device SDK v2 for Java, Python, C++ and Node.js appends a user supplied Certificate Authority (CA) to the root CAs instead of overriding it on macOS systems. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Python Authentication Bypass Apple Node.js Java +2
NVD GitHub
CVSS 3.1
7.2
EPSS
0.6%
CVE-2021-40829 LIB HIGH PATCH This Week

Connections initialized by the AWS IoT Device SDK v2 for Java (versions prior to 1.4.2), Python (versions prior to 1.6.1), C++ (versions prior to 1.12.7) and Node.js (versions prior to 1.5.3) did not. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Python Apple Information Disclosure Node.js Java +1
NVD GitHub
CVSS 3.1
8.8
EPSS
0.4%
CVE-2021-34421 MEDIUM This Month

The Keybase Client for Android before version 5.8.0 and the Keybase Client for iOS before version 5.8.0 fails to properly remove exploded messages initiated by a user if the receiving user places the. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Apple Information Disclosure Keybase
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2021-42111 MEDIUM This Month

An issue was discovered in the RCDevs OpenOTP app 1.4.13 and 1.4.14 for iOS. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure Openotp Token
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-43192 MEDIUM This Month

In JetBrains YouTrack Mobile before 2021.2, iOS URL scheme hijacking is possible. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Youtrack Mobile
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2021-43188 HIGH This Week

In JetBrains YouTrack Mobile before 2021.2, access token protection on iOS is incomplete. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Youtrack Mobile
NVD
CVSS 3.1
7.3
EPSS
0.7%
CVE-2021-43187 MEDIUM This Month

In JetBrains YouTrack Mobile before 2021.2, the client-side cache on iOS could contain sensitive information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Youtrack Mobile
NVD
CVSS 3.1
5.3
EPSS
0.8%
CVE-2021-37850 MEDIUM This Month

ESET was made aware of a vulnerability in its consumer and business products for macOS that enables a user logged on to the system to stop the ESET daemon, effectively disabling the protection of the. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure Eset Cyber Security Endpoint Antivirus +1
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-42754 MEDIUM This Month

An improper control of generation of code vulnerability [CWE-94] in FortiClientMacOS versions 7.0.0 and below and 6.4.5 and below may allow an authenticated attacker to hijack the MacOS camera. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.

Apple RCE Code Injection Forticlient
NVD
CVSS 3.1
5.0
EPSS
0.4%
CVE-2021-33593 MEDIUM This Month

Whale browser for iOS before 1.14.0 has an inconsistent user interface issue that allows an attacker to obfuscate the address bar which may lead to address bar spoofing. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Whale
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2021-30840 HIGH This Week

This issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple RCE Ipados Iphone Os macOS +2
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2021-30836 MEDIUM This Month

An out-of-bounds read was addressed with improved input validation. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple Information Disclosure Safari Ipados +4
NVD
CVSS 3.1
5.5
EPSS
1.0%
CVE-2021-30834 HIGH This Week

A logic issue was addressed with improved state management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple RCE Ipados Iphone Os Mac Os X +3
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2021-30833 MEDIUM This Month

This issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X macOS
NVD
CVSS 3.1
5.5
EPSS
42.7%
CVE-2021-30831 MEDIUM This Month

An out-of-bounds read was addressed with improved input validation. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple Information Disclosure Ipados Iphone Os +3
NVD
CVSS 3.1
5.5
EPSS
0.8%
CVE-2021-30824 HIGH This Week

A memory corruption issue was addressed with improved state management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Memory Corruption Mac Os X +1
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2021-30823 MEDIUM This Month

A logic issue was addressed with improved restrictions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apple Authentication Bypass Safari Ipados Iphone Os +3
NVD
CVSS 3.1
6.5
EPSS
2.1%
CVE-2021-30821 HIGH This Week

A memory corruption issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Mac Os X macOS
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2021-30818 HIGH This Week

A type confusion issue was addressed with improved state handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple RCE Memory Corruption Safari Ipados +4
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2021-30817 MEDIUM This Month

A permissions issue was addressed with improved validation. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure macOS
NVD
CVSS 3.1
5.5
EPSS
0.6%
CVE-2021-30816 LOW Monitor

The issue was addressed with improved permissions logic. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os
NVD
CVSS 3.1
2.4
EPSS
0.3%
CVE-2021-30814 HIGH This Week

A memory corruption issue was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Memory Corruption Ipados +4
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2021-30813 MEDIUM This Month

This issue was addressed with improved checks. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Apple Authentication Bypass macOS
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2021-30809 HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Apple Memory Corruption Use After Free Denial Of Service +6
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2021-30808 MEDIUM This Month

This issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os macOS +2
NVD
CVSS 3.1
5.5
EPSS
0.8%
CVE-2021-1821 MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Denial Of Service macOS Watchos
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2021-40526 MEDIUM This Month

Incorrect calculation of buffer size vulnerability in Peleton TTR01 up to and including PTV55G allows a remote attacker to trigger a Denial of Service attack through the GymKit daemon process by. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Denial Of Service Ttr01 Firmware
NVD
CVSS 3.1
5.3
EPSS
0.9%
CVE-2021-1529 HIGH This Week

A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Apple Command Injection Ios Xe Ios Xe Sd Wan
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-42762 MEDIUM POC This Month

BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that allows a sandboxed process to trick host processes into thinking the sandboxed process is not. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Apple Authentication Bypass Webkitgtk Wpe Webkit Fedora +1
NVD GitHub
CVSS 3.1
5.3
EPSS
0.5%
CVE-2021-30850 MEDIUM This Month

An access issue was addressed with improved access restrictions. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X macOS Tvos
NVD
CVSS 3.1
5.5
EPSS
0.9%
CVE-2021-30849 HIGH This Week

Multiple memory corruption issues were addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Microsoft Memory Corruption +7
NVD
CVSS 3.1
7.8
EPSS
1.8%
CVE-2021-30848 HIGH This Week

A memory corruption issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Memory Corruption Safari +3
NVD
CVSS 3.1
7.8
EPSS
1.2%
CVE-2021-30847 HIGH This Week

This issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Microsoft RCE Itunes Ipados +5
NVD
CVSS 3.1
7.8
EPSS
2.9%
CVE-2021-30846 HIGH This Week

A memory corruption issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Memory Corruption Safari +7
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2021-30845 MEDIUM This Month

An out-of-bounds read was addressed with improved bounds checking. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Apple Information Disclosure macOS
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-30844 HIGH This Week

A logic issue was addressed with improved state management. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X macOS
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2021-30843 HIGH This Week

This issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple RCE Ipados Iphone Os Mac Os X +3
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2021-30842 HIGH This Week

This issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple RCE Ipados Iphone Os Mac Os X +3
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2021-30841 HIGH This Week

This issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple RCE Ipados Iphone Os Mac Os X +3
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2021-30838 HIGH This Week

A memory corruption issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Ipados Iphone Os +1
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2021-30837 HIGH This Week

A memory consumption issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple RCE Ipados Iphone Os Tvos
NVD
CVSS 3.1
7.8
EPSS
1.6%
CVE-2021-30835 HIGH This Week

This issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Microsoft RCE Itunes Ipados +5
NVD
CVSS 3.1
7.8
EPSS
3.0%
CVE-2021-30832 HIGH This Week

A memory corruption issue was addressed with improved state management. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Apple Memory Corruption Mac Os X macOS
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2021-30830 HIGH This Week

A memory corruption issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Memory Corruption Mac Os X +1
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2021-30829 HIGH This Week

A URI parsing issue was addressed with improved parsing. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X macOS
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-30828 MEDIUM This Month

This issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X macOS
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-30827 HIGH This Week

A permissions issue existed. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X macOS
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-30826 HIGH This Week

A logic issue was addressed with improved state management. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2021-30825 HIGH This Week

This issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Apple RCE Ipados Iphone Os
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2021-30820 CRITICAL Act Now

A logic issue was addressed with improved state management. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple RCE Ipados Iphone Os
NVD
CVSS 3.1
9.8
EPSS
2.2%
CVE-2021-30819 MEDIUM This Month

An out-of-bounds read was addressed with improved input validation. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple Information Disclosure Ipados Iphone Os +1
NVD
CVSS 3.1
5.5
EPSS
0.8%
CVE-2021-30815 LOW Monitor

A lock screen issue allowed access to contacts on a locked device. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os
NVD
CVSS 3.1
2.4
EPSS
0.3%
CVE-2021-30811 MEDIUM This Month

This issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os Mac Os X +2
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-30810 MEDIUM This Month

An authorization issue was addressed with improved state management. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass Ipados Iphone Os Tvos +1
NVD
CVSS 3.1
4.3
EPSS
0.5%
EPSS 1% CVSS 7.8
HIGH This Week

A memory corruption issue was addressed with improved validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A memory corruption issue was addressed with improved validation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow +4
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A cross-origin issue in the IndexDB API was addressed with improved input validation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Safari +5
NVD
EPSS 1% CVSS 7.8
HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Apple +6
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Safari +5
NVD
EPSS 1% CVSS 7.8
HIGH This Week

A memory corruption issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow +2
NVD
EPSS 1% CVSS 8.8
HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Apple +9
NVD
EPSS 2% CVSS 6.1
MEDIUM This Month

A validation issue was addressed with improved input sanitization. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Safari +6
NVD
EPSS 9% CVSS 5.5
MEDIUM This Month

A resource exhaustion issue was addressed with improved input validation. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Apple Ipados +1
NVD
EPSS 12% CVSS 9.8
CRITICAL KEV THREAT Act Now

A memory corruption issue was addressed with improved input validation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow +4
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

An out-of-bounds write issue was addressed with improved bounds checking. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow +2
NVD
EPSS 2% CVSS 7.5
HIGH This Week

An issue existed within the path validation logic for symlinks. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados +4
NVD
EPSS 2% CVSS 7.8
HIGH This Week

A memory corruption issue was addressed with improved validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow +6
NVD
EPSS 2% CVSS 5.5
MEDIUM This Month

A permissions issue was addressed with improved validation. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X +1
NVD
EPSS 2% CVSS 7.8
HIGH This Week

An information disclosure issue was addressed with improved state management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Information Disclosure +5
NVD
EPSS 1% CVSS 7.8
HIGH This Week

A logic issue was addressed with improved validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados +4
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Gradle Enterprise before 2021.4.3 relies on cleartext data transmission in some situations. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Enterprise
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Wire-ios is a messaging application using the wire protocol on apple's ios platform. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Apple Wire +1
NVD GitHub
EPSS 0% CVSS 7.8
HIGH This Week

Proofpoint Insider Threat Management Agent for Windows relies on an inherently dangerous function that could enable an unprivileged local Windows user to run arbitrary code with SYSTEM privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Microsoft Apple +1
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A stack overflow bug in the document extractor in Mattermost Server in versions up to and including 6.3.2 allows an attacker to crash the server via submitting a maliciously crafted Apple Pages. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption Mattermost Buffer Overflow +2
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Stripe CLI is a command-line tool for the Stripe eCommerce platform. Rated high severity (CVSS 7.0). This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

RCE Microsoft Command Injection +2
NVD GitHub
EPSS 1% CVSS 3.3
LOW Monitor

Microsoft Intune Portal for iOS Security Feature Bypass Vulnerability. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Microsoft Apple +1
NVD
EPSS 0% CVSS 6.6
MEDIUM This Month

The biometric lock in Devolutions Password Hub for iOS before 2021.3.4 allows attackers to access the application because of authentication bypass. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Apple Password Hub
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Cryptomator through 1.6.5 allows DYLIB injection because, although it has the flag 0x1000 for Hardened Runtime, it has the com.apple.security.cs.disable-library-validation and. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Code Injection Apple Cryptomator
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader Foxit reader 11.0.1.0719 macOS. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

RCE Buffer Overflow Apple +3
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader Foxit reader 11.0.1.0719 macOS. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

RCE Buffer Overflow Apple +3
NVD
EPSS 0% CVSS 7.8
HIGH POC This Week

All known versions of the Netgear Genie Installer for macOS contain a local privilege escalation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Netgear Apple Privilege Escalation +1
NVD
EPSS 1% CVSS 6.1
MEDIUM POC This Month

SAFARI Montage 8.7.32 is affected by a CRLF injection vulnerability which can lead to HTTP response splitting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Apple Code Injection Safari Montage
NVD
EPSS 3% CVSS 6.1
MEDIUM POC This Month

Reflected Cross Site Scripting (XSS) in SAFARI Montage versions 8.3 and 8.5 allows remote attackers to execute JavaScript codes. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Apple XSS Safari Montage
NVD Exploit-DB
EPSS 0% CVSS 5.5
MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados +4
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

GGLocker iOS application, contains an insecure data storage of the password hash value which results in an authentication bypass. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Apple Authentication Bypass Gglocker
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM This Month

The Zoom Client for Meetings before version 5.7.3 (for Android, iOS, Linux, macOS, and Windows) contain a server side request forgery vulnerability in the chat\'s "link preview" functionality. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Apple Microsoft +2
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Sensitive information could be logged. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Apple Microsoft Information Disclosure +1
NVD
EPSS 2% CVSS 7.5
HIGH This Week

A vulnerability was discovered in the Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.8.4, Zoom Client for Meetings for Blackberry (for Android and iOS) before. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Google HP +32
NVD
EPSS 3% CVSS 9.8
CRITICAL Act Now

A buffer overflow vulnerability was discovered in Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.8.4, Zoom Client for Meetings for Blackberry (for Android and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Google RCE +33
NVD
EPSS 1% CVSS 3.1
LOW PATCH Monitor

Microsoft Edge for iOS Spoofing Vulnerability. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required.

Apple Microsoft Authentication Bypass +1
NVD
EPSS 1% CVSS 7.2
HIGH PATCH This Week

The AWS IoT Device SDK v2 for Java, Python, C++ and Node.js appends a user supplied Certificate Authority (CA) to the root CAs instead of overriding it on macOS systems. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Python Authentication Bypass Apple +4
NVD GitHub
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Connections initialized by the AWS IoT Device SDK v2 for Java (versions prior to 1.4.2), Python (versions prior to 1.6.1), C++ (versions prior to 1.12.7) and Node.js (versions prior to 1.5.3) did not. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Python Apple Information Disclosure +3
NVD GitHub
EPSS 1% CVSS 4.3
MEDIUM This Month

The Keybase Client for Android before version 5.8.0 and the Keybase Client for iOS before version 5.8.0 fails to properly remove exploded messages initiated by a user if the receiving user places the. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Apple Information Disclosure +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

An issue was discovered in the RCDevs OpenOTP app 1.4.13 and 1.4.14 for iOS. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure Openotp Token
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

In JetBrains YouTrack Mobile before 2021.2, iOS URL scheme hijacking is possible. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Youtrack Mobile
NVD
EPSS 1% CVSS 7.3
HIGH This Week

In JetBrains YouTrack Mobile before 2021.2, access token protection on iOS is incomplete. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Youtrack Mobile
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

In JetBrains YouTrack Mobile before 2021.2, the client-side cache on iOS could contain sensitive information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Youtrack Mobile
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

ESET was made aware of a vulnerability in its consumer and business products for macOS that enables a user logged on to the system to stop the ESET daemon, effectively disabling the protection of the. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure Eset +3
NVD
EPSS 0% CVSS 5.0
MEDIUM This Month

An improper control of generation of code vulnerability [CWE-94] in FortiClientMacOS versions 7.0.0 and below and 6.4.5 and below may allow an authenticated attacker to hijack the MacOS camera. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.

Apple RCE Code Injection +1
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

Whale browser for iOS before 1.14.0 has an inconsistent user interface issue that allows an attacker to obfuscate the address bar which may lead to address bar spoofing. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Whale
NVD
EPSS 1% CVSS 7.8
HIGH This Week

This issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple RCE Ipados +4
NVD
EPSS 1% CVSS 5.5
MEDIUM This Month

An out-of-bounds read was addressed with improved input validation. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple Information Disclosure +6
NVD
EPSS 1% CVSS 7.8
HIGH This Week

A logic issue was addressed with improved state management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple RCE Ipados +5
NVD
EPSS 43% CVSS 5.5
MEDIUM This Month

This issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X +1
NVD
EPSS 1% CVSS 5.5
MEDIUM This Month

An out-of-bounds read was addressed with improved input validation. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple Information Disclosure +5
NVD
EPSS 1% CVSS 7.8
HIGH This Week

A memory corruption issue was addressed with improved state management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE +3
NVD
EPSS 2% CVSS 6.5
MEDIUM This Month

A logic issue was addressed with improved restrictions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apple Authentication Bypass Safari +5
NVD
EPSS 1% CVSS 7.8
HIGH This Week

A memory corruption issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE +2
NVD
EPSS 2% CVSS 8.8
HIGH This Week

A type confusion issue was addressed with improved state handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple RCE Memory Corruption +6
NVD
EPSS 1% CVSS 5.5
MEDIUM This Month

A permissions issue was addressed with improved validation. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure macOS
NVD
EPSS 0% CVSS 2.4
LOW Monitor

The issue was addressed with improved permissions logic. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados +1
NVD
EPSS 1% CVSS 7.8
HIGH This Week

A memory corruption issue was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE +6
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

This issue was addressed with improved checks. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Apple Authentication Bypass macOS
NVD
EPSS 1% CVSS 8.8
HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Apple Memory Corruption +8
NVD
EPSS 1% CVSS 5.5
MEDIUM This Month

This issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados +4
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Denial Of Service macOS +1
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

Incorrect calculation of buffer size vulnerability in Peleton TTR01 up to and including PTV55G allows a remote attacker to trigger a Denial of Service attack through the GymKit daemon process by. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Denial Of Service Ttr01 Firmware
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Apple Command Injection +2
NVD
EPSS 1% CVSS 5.3
MEDIUM POC This Month

BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that allows a sandboxed process to trick host processes into thinking the sandboxed process is not. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Apple Authentication Bypass Webkitgtk +3
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM This Month

An access issue was addressed with improved access restrictions. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X +2
NVD
EPSS 2% CVSS 7.8
HIGH This Week

Multiple memory corruption issues were addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple +9
NVD
EPSS 1% CVSS 7.8
HIGH This Week

A memory corruption issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE +5
NVD
EPSS 3% CVSS 7.8
HIGH This Week

This issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Microsoft RCE +7
NVD
EPSS 1% CVSS 7.8
HIGH This Week

A memory corruption issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE +9
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

An out-of-bounds read was addressed with improved bounds checking. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Apple Information Disclosure +1
NVD
EPSS 2% CVSS 7.5
HIGH This Week

A logic issue was addressed with improved state management. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X +1
NVD
EPSS 1% CVSS 7.8
HIGH This Week

This issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple RCE Ipados +5
NVD
EPSS 1% CVSS 7.8
HIGH This Week

This issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple RCE Ipados +5
NVD
EPSS 1% CVSS 7.8
HIGH This Week

This issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple RCE Ipados +5
NVD
EPSS 1% CVSS 7.8
HIGH This Week

A memory corruption issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE +3
NVD
EPSS 2% CVSS 7.8
HIGH This Week

A memory consumption issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple RCE Ipados +2
NVD
EPSS 3% CVSS 7.8
HIGH This Week

This issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Microsoft RCE +7
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A memory corruption issue was addressed with improved state management. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Apple Memory Corruption +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

A memory corruption issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A URI parsing issue was addressed with improved parsing. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

This issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A permissions issue existed. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A logic issue was addressed with improved state management. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados +1
NVD
EPSS 1% CVSS 7.8
HIGH This Week

This issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Apple RCE Ipados +1
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

A logic issue was addressed with improved state management. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple RCE Ipados +1
NVD
EPSS 1% CVSS 5.5
MEDIUM This Month

An out-of-bounds read was addressed with improved input validation. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple Information Disclosure +3
NVD
EPSS 0% CVSS 2.4
LOW Monitor

A lock screen issue allowed access to contacts on a locked device. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

This issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados +4
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

An authorization issue was addressed with improved state management. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass Ipados +3
NVD
Prev Page 38 of 90 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy